REPORT: Chinese hackers are looking for company secrets in Australian law firms

Hackers have turned their attention to Australian law firms in a bid to uncover commercially sensitive business information that gives Chinese companies a competitive edge, a leading cybersecurity company claims.

The ABC reports that a Chinese hacking cyber-espionage team known as Codoso, or APT-19, is starting to focus on Australia, looking to pass on any corporate intelligence they find to Chinese companies. Law firms are seen as an easy access point.

Tim Wellsmore, head of threat intelligence Asia Pacific at FireEye and the former cyber security manager at the Australian Crime Commission, said his organisation detected phishing attacks against global law firms in the middle of the year and subsequently discovered a Chinese attack on an unnamed Australian research and development organisation.

“We have been involved in attacks in 2017 by the Chinese on research bodies within Australia and we continue to think this will be a focus for the Chinese in years to come,” he told the ABC.

“There is a lot of research that would put them at a strategic advantage.”

Wellsmore says APT-19 acts in support of Chinese state interests, but it’s not known how closely they’re linked to Beijing.

“Sometimes it is tricky to understand whether they are sitting there in uniforms working directly for the Chinese Government, or if they are sponsored and given resources but operate outside the Government hierarchy,” he said.